PF redirection from a port to another

New Member

Hi there,
I'm too new to BSD and pf, so I can't accomplish the following task and am receiving a generic "syntax error", maybe because of tables or macros. Here's the scenario: a server in DMZ with unbound (serving as resolver to other machines in DMZ) and NSD (authoritative for an Internet domain). To make this work I configured NSD to listen on a different port, say 53535. I want pf to block all traffic:
1) except for ssh from internal networks (DMZ, LAN)
2) permit resolving requests from DMZ to port 53 (unbound)
3) all traffic coming from external firewall to port 53 redirected to port 53535.

Administrator

Bind NSD to the external address, bind unbound to the local address. There's rarely a need for silly constructs like that. If you do appear to need it you're doing something wrong and may need to review what you're trying to accomplish.
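
A sketch of the approach from the reply above, as an added example that is not part of the thread: a pf.conf that needs no redirection because each daemon listens on port 53 of its own address. It assumes the host has two addresses; every address and macro name below is a constructed placeholder from the documentation ranges.

```conf
# pf.conf (added example; all addresses are placeholders, not from the thread)
# Assumed daemon settings that make redirection unnecessary:
#   nsd.conf      server:  ip-address: 203.0.113.10
#   unbound.conf  server:  interface: 192.0.2.10
#                          access-control: 192.0.2.0/24 allow

# Macros
dmz_net      = "192.0.2.0/24"      # DMZ clients that use the resolver
lan_net      = "198.51.100.0/24"   # internal LAN
ext_fw       = "203.0.113.1"       # external firewall forwarding Internet DNS
nsd_addr     = "203.0.113.10"      # address NSD is bound to (authoritative)
unbound_addr = "192.0.2.10"        # address unbound is bound to (resolver)

# Tables
table <internal> const { $dmz_net, $lan_net }

# Options
set skip on lo0

# Filter rules: default deny, then the three cases from the question
block all

# 1) ssh only from the internal networks
pass in proto tcp from <internal> to any port 22

# 2) resolver queries from the DMZ reach unbound only
pass in proto { udp, tcp } from $dmz_net to $unbound_addr port 53

# 3) queries arriving via the external firewall reach NSD only
pass in proto { udp, tcp } from $ext_fw to $nsd_addr port 53

# unbound has to query upstream name servers itself
pass out proto { udp, tcp } from any to any port 53
```

`pfctl -nf /etc/pf.conf` parses the file without loading it and reports the line number of any syntax error.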